UNIX vs Windows NT: Which Is More Secure?
Without A Firewall, Your OS Must Protect Your From The Increased Risk of Adding A Web Server
By Jay Heiser
One of the great joys of being a computer professional is the opportunity to waste hours of time sparring over religious issues. With colorful prophets such as Bill Gates and Scott McNealy, there's no shortage of hype surrounding the debate over the superior operating environment. While this makes for terrific sport, it doesn't answer the email. In a business scenario, you need to ask, "Which technology best meets our requirements?" For servers visible to the Internet, especially Web servers, the ability to successfully resist attacks is crucial, which leads to the question of this article: Which is more secure, Windows NT or UNIX?
There is no simple answer to this question. You need to understand the server's functional requirements, the resources available to create and maintain the server, and the nature of the threat environment, all of which vary from organization to organization, and according to current goals. What are your requirements for confidentiality, data integrity, and availability? What special services or back-end access will you need? These questions must be addressed first in order to make a well-informed choice of Web-server operating environment.
Security Requirements
Security is an issue only because some organizations can expect to be attacked successfully, which will have an impact on their business goals. In the November 1997 issue of Web Techniques, I discussed some examples of successful Web-server attacks in "Web Security Failures."
